Skip to content

Gotham Security Daily Threat Alerts

by on May 1, 2013

April 30, Softpedia – (International) PDF vulnerability exploited in MiniDuke campaign, used in Zegost, PlugX attacks. Researchers at Trend Micro found that at least three advanced persistent threat (APT) campaigns are using the CVE-2013-0640 vulnerability in Adobe Reader to spread malware, though their payloads differ. Source: http://news.softpedia.com/news/PDF-Vulnerability-Exploited-in-MiniDuke-Campaign-Used-in-Zegost-PlugX-Attacks-349753.shtml

April 30, Softpedia – (International) Vulnerabilities in D-Link IP cameras can be used to capture video streams. Several vulnerabilities in D-Link IP cameras can be exploited to access video streams, execute arbitrary commands, bypass authentication, and other purposes, according to research from Core Security. Source: http://news.softpedia.com/news/Vulnerabilities-in-D-Link-IP-Cameras-Can-Be-Used-to-Capture-Video-Streams-349669.shtml

April 29, Threatpost – (International) Google mandates app updates come from Google Play. Google instituted a policy whereby apps available through its Google Play app store must issue updates via Google Play’s update mechanism in order to prevent malicious apps from sending updates to users after an approved app is downloaded. Source: http://threatpost.com/google-mandates-app-updates-come-from-google-play/

April 29, Computerworld – (International) Google pays record $31K bounty for Chrome bugs. Google paid a researcher from the University of Luxembourg $31,336 for uncovering three “high” rated vulnerabilities in Chrome via the company’s bug bounty program. Source: http://www.networkworld.com/news/2013/042913-google-pays-record-31k-bounty-269213.html

From → Security

Comments are closed.

%d bloggers like this: